Closed Bug 1603296 Opened 5 years ago Closed 4 years ago

null pointer passed as argument 2, which is declared to never be null in media/webrtc/trunk/webrtc/rtc_base/buffer.h:348

Categories

(Core :: WebRTC: Audio/Video, defect, P2)

defect

Tracking

RESOLVED FIXED
mozilla78
Tracking Status
firefox73 --- wontfix
firefox78 --- fixed

People

(Reporter: tsmith, Assigned: dminor)

References

(Blocks 2 open bugs)

Details

(Keywords: csectype-undefined, testcase)

Attachments

(1 file)

Found with m-c 20191211-b823b005f00e
This is triggered with an UBSan build while running gtests. To enable this check, add the following to your mozconfig:

ac_add_options --enable-undefined-sanitizer="nonnull-attribute"
[ RUN      ] MediaPipelineTest.TestAudioSendNoMux
src/media/webrtc/trunk/webrtc/rtc_base/buffer.h:348:33: runtime error: null pointer passed as argument 2, which is declared to never be null
/usr/include/string.h:43:28: note: nonnull attribute specified here
    #0 0x7f4d7a5b5aca in rtc::BufferT<unsigned char>::EnsureCapacityWithHeadroom(unsigned long, bool) src/media/webrtc/trunk/webrtc/rtc_base/buffer.h:348:5
    #1 0x7f4d7a5b207b in rtc::BufferT<unsigned char>::SetSize(unsigned long) src/media/webrtc/trunk/webrtc/rtc_base/buffer.h:304:5
    #2 0x7f4d7a78adcc in unsigned long rtc::BufferT<unsigned char>::AppendData<unsigned char, webrtc::AudioEncoderOpusImpl::EncodeImpl(unsigned int, rtc::ArrayView<short const, -4711l>, rtc::BufferT<unsigned char>*)::$_2, (void*)0>(unsigned long, webrtc::AudioEncoderOpusImpl::EncodeImpl(unsigned int, rtc::ArrayView<short const, -4711l>, rtc::BufferT<unsigned char>*)::$_2&&) src/media/webrtc/trunk/webrtc/rtc_base/buffer.h:289:5
    #3 0x7f4d7a78a0f2 in webrtc::AudioEncoderOpusImpl::EncodeImpl(unsigned int, rtc::ArrayView<short const, -4711l>, rtc::BufferT<unsigned char>*) src/media/webrtc/trunk/webrtc/modules/audio_coding/codecs/opus/audio_encoder_opus.cc:617:16
    #4 0x7f4d7a489f42 in webrtc::AudioEncoder::Encode(unsigned int, rtc::ArrayView<short const, -4711l>, rtc::BufferT<unsigned char>*) src/media/webrtc/trunk/webrtc/api/audio_codecs/audio_encoder.cc:44:22
    #5 0x7f4d7a629a0a in webrtc::(anonymous namespace)::AudioCodingModuleImpl::Encode(webrtc::(anonymous namespace)::AudioCodingModuleImpl::InputData const&) src/media/webrtc/trunk/webrtc/modules/audio_coding/acm2/audio_coding_module.cc:496:34
    #6 0x7f4d7a6240a6 in webrtc::(anonymous namespace)::AudioCodingModuleImpl::Add10MsData(webrtc::AudioFrame const&) src/media/webrtc/trunk/webrtc/modules/audio_coding/acm2/audio_coding_module.cc:662:22
    #7 0x7f4d7ace9d77 in webrtc::voe::Channel::ProcessAndEncodeAudioOnTaskQueue(webrtc::AudioFrame*) src/media/webrtc/trunk/webrtc/voice_engine/channel.cc:1763:22
    #8 0x7f4d7ad06592 in webrtc::voe::Channel::ProcessAndEncodeAudioTask::Run() src/media/webrtc/trunk/webrtc/voice_engine/channel.cc:535:15
    #9 0x7f4d7ac0f6f3 in rtc::TaskQueue::Impl::OnWakeup(int, short, void*) src/media/webrtc/trunk/webrtc/rtc_base/task_queue_libevent.cc:438:18
    #10 0x7f4d705d1218 in event_persist_closure src/ipc/chromium/src/third_party/libevent/event.c:1580:9
    #11 0x7f4d705d024b in event_process_active_single_queue src/ipc/chromium/src/third_party/libevent/event.c:1639:4
    #12 0x7f4d705ae502 in event_process_active src/ipc/chromium/src/third_party/libevent/event.c
    #13 0x7f4d705aca2b in event_base_loop src/ipc/chromium/src/third_party/libevent/event.c:1961:12
    #14 0x7f4d7ac0ed56 in rtc::TaskQueue::Impl::ThreadMain(void*) src/media/webrtc/trunk/webrtc/rtc_base/task_queue_libevent.cc:407:5
    #15 0x7f4d7abdf63a in rtc::PlatformThread::Run() src/media/webrtc/trunk/webrtc/rtc_base/platform_thread.cc:246:5
    #16 0x7f4d7abdee0f in rtc::PlatformThread::StartThread(void*) src/media/webrtc/trunk/webrtc/rtc_base/platform_thread.cc:162:40
    #17 0x7f4d9f8736da in start_thread (/lib/x86_64-linux-gnu/libpthread.so.0+0x76da)
Assignee: nobody → dminor
Priority: -- → P2
Blocks: 1640253

Since this passes IsConsistent() and data_ is null, capacity_ must be zero,
which implies size_ is zero, and so we attempt to copy zero bytes from a null
pointer. This doesn't seem to crash, but is still undefined behaviour.
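The situation described above, as an added example that is not code from the bug or from WebRTC: a minimal model of BufferT whose growth path either copies unconditionally (the reported behaviour) or skips the copy when data_ is null (the fix). The class and function names and the headroom policy are assumptions; the null-source memcpy is recorded rather than performed so the model itself stays well-defined.

```cpp
#include <cassert>
#include <cstddef>
#include <cstdint>
#include <cstring>
#include <memory>

// Counts copies that would hand memcpy a null source: the call UBSan flagged at buffer.h:348.
int g_null_src_copies = 0;

// Minimal model of rtc::BufferT<uint8_t> (constructed for this example, not the WebRTC source). `patched` selects the null check the fix adds.
class MiniBuffer {
 public:
  explicit MiniBuffer(bool patched) : patched_(patched) {}
  size_t size() const { return size_; }
  bool IsConsistent() const {
    return (data_ != nullptr || capacity_ == 0) && capacity_ >= size_;
  }
  void SetSize(size_t size) {  // like BufferT::SetSize: grow first, then widen size_
    EnsureCapacityWithHeadroom(size, true);
    size_ = size;
  }

 private:
  void EnsureCapacityWithHeadroom(size_t capacity, bool extra_headroom) {
    assert(IsConsistent());  // holds here, which is why a null data_ forces size_ == 0
    if (capacity <= capacity_) return;
    size_t new_cap = extra_headroom ? capacity + capacity / 2 : capacity;  // assumed policy
    std::unique_ptr<uint8_t[]> new_data(new uint8_t[new_cap]);
    if (!patched_ || data_ != nullptr) {  // the fix: skip the copy when data_ is null
      if (data_ == nullptr) {  // real code calls memcpy anyway; that zero-byte call is the UB
        assert(size_ == 0);    // null data_ implies capacity_ == 0, hence size_ == 0
        ++g_null_src_copies;   // recorded instead of performed, so this model stays defined
      } else std::memcpy(new_data.get(), data_.get(), size_);
    }
    data_ = std::move(new_data);
    capacity_ = new_cap;
  }

  bool patched_;
  size_t size_ = 0, capacity_ = 0;
  std::unique_ptr<uint8_t[]> data_;
};

// Grows an empty buffer twice, as the Opus encoder's AppendData path does, and returns how many null-source copies that sequence would have issued.
int NullSourceCopiesFor(bool patched) {
  g_null_src_copies = 0;
  MiniBuffer buf(patched);
  buf.SetSize(16);  // first growth: data_ is null and size_ is 0
  buf.SetSize(64);  // second growth copies 16 bytes from a real allocation
  return buf.IsConsistent() && buf.size() == 64 ? g_null_src_copies : -1;
}
```

Building the real tree with the mozconfig option from the report is what surfaces the unpatched case; this model only shows which state triggers it.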

Pushed by dminor@mozilla.com:
https://hg.mozilla.org/integration/autoland/rev/232db1f2b77d
Check for null data_ in EnsureCapacityWithHeadroom; r=ng
Status: NEW → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → mozilla78
No longer depends on: 1646904